Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE CVE VULNERABILITY TITLE RISK
2022-06-24 CVE-2022-32402 SQL Injection vulnerability in Prison Management System Project Prison Management System 1.0
Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/prisons/manage_prison.php:4
network
low complexity
prison-management-system-project CWE-89
8.8
8.8
2022-06-24 CVE-2022-32403 SQL Injection vulnerability in Prison Management System Project Prison Management System 1.0
Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/inmates/manage_record.php:4
network
low complexity
prison-management-system-project CWE-89
8.8
8.8
2022-06-24 CVE-2022-32404 SQL Injection vulnerability in Prison Management System Project Prison Management System 1.0
Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/inmates/manage_inmate.php:3
network
low complexity
prison-management-system-project CWE-89
8.8
8.8
2022-06-24 CVE-2022-32405 SQL Injection vulnerability in Prison Management System Project Prison Management System 1.0
Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/prisons/view_prison.php:4
network
low complexity
prison-management-system-project CWE-89
8.8
8.8
2022-06-23 CVE-2021-26636 SQL Injection vulnerability in Maxb Maxboard 1.9.6
Stored XSS and SQL injection vulnerability in MaxBoard could lead to occur Remote Code Execution, which could lead to information exposure and privilege escalation.
network
low complexity
maxb CWE-89
critical
 9.6
9.6
2022-06-23 CVE-2021-40955 SQL Injection vulnerability in Laiketui 3.5.0
SQL injection exists in LaiKetui v3.5.0 the background administrator list.
network
low complexity
laiketui CWE-89
7.2
7.2
2022-06-23 CVE-2021-40956 SQL Injection vulnerability in Laiketui 3.5.0
LaiKetui v3.5.0 has SQL injection in the background through the menu management function, and sensitive data can be obtained.
network
low complexity
laiketui CWE-89
7.5
7.5
2022-06-23 CVE-2022-31361 SQL Injection vulnerability in Docebo 4.0.5
Docebo Community Edition v4.0.5 and below was discovered to contain a SQL injection vulnerability.
network
low complexity
docebo CWE-89
critical
 9.8
9.8
2022-06-23 CVE-2022-31787 SQL Injection vulnerability in Ideaco Ideatms 2022
IdeaTMS 2022 is vulnerable to SQL Injection via the PATH_INFO
network
low complexity
ideaco CWE-89
critical
 9.8
9.8
2022-06-23 CVE-2022-33092 SQL Injection vulnerability in 74Cms 74Cmsse 3.5.1
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/job/index.
network
low complexity
74cms CWE-89
7.5
7.5